Feedback Form:

Meta

Routine OpenVPN Test Successful Today

On my Home LAN, I host a VPN. Contrarily to what the term might suggest, “OpenVPN” does not stand for a VPN which is Open, nor which anybody might have access to for free. OpenVPN is just one possible protocol for implementing VPN, and is stuffed to the gills with security measures and encryption, which keep unauthorized people out, and which ensure the privacy of the VPN tunnel, which a Client can invoke from outside the LAN, into the LAN.

I possess an OpenVPN client for my Tablet, that receives updates from its developers from time to time. After several updates to the app, I need to test whether it still works, even if at that moment there is no practical need for me ‘to VPN into my LAN’. And just today I found, that indeed this Android app, as well as my server at home, still work 100%.

In order to verify that I have meshed adequately with my LAN, I typically make it a part of the test to ping a computer on that LAN, which is not itself the VPN Server, and to make sure that I get normal ping responses. This also tells me that my specific routing implementation works, beyond the VPN tunnel to the Server itself. My average ping time today was 37 milliseconds.

A VPN is not really a Proxy. If I wanted to change certain settings, I could redirect all my traffic to the Internet at large, through my VPN at home, which is currently still configured to be routed directly from where my Client is located. I was performing my test from a public WiFi hot-spot, so my regular Internet access was still taking place directly from there.

And, because my Home LAN is located in the same jurisdiction as that WiFi hot-spot was, there would also be zero benefit, to my redirecting all my Internet traffic through the VPN, because doing so would gain no special access privileges, geographically, to Internet content anywhere.

Now, I know that some people pay a VPN Host under the table, who is located specifically in the USA, just so that they can view restricted TV content, because the providers of the content will see the connection attempt, as if it had originated from the VPN, and not from the remote Client.

But I, personally, view this as a perversion of what a VPN is supposed to be.

I suppose that the peculiar detail of my own VPN could be, that I have made myself the only client who is allowed to use it. But this arrangement can be explained, because at any point in time, I might want to access Servers and resources, which are normally only available from within my LAN, but to access that from someplace else, if I only have my Tablet with me… I am also able to access my Samba shares, and therefore any files I need access to, via the VPN, because in every practical sense, using it makes me a part of my LAN.

I have even tested the ability in the past, to create a ‘Remote Desktop Session’ – aka ‘VNC’ – on some of my computers, while connecting through the VPN. But for a routine test, I usually do not go that far. More typically, I will just ping another machine on the LAN during a routine test, while also testing my ‘RDP’ and ‘XRDP’ capabilities separately, the latter while physically on my LAN. But just to convince myself, on special occasions I have created an RDP Session – a VNC Session – while connecting from the outside.

All this takes considerable time and effort to set up correctly and securely. And my initial attempts failed, due to minor configuration errors on my OpenVPN Server. But due to extensive troubleshooting, I was able to get everything to work, maybe in 2013 or 2014?